package com.vogue.meeting.common.security.exception;

import com.vogue.meeting.common.web.domain.Result;
import com.vogue.meeting.common.web.domain.ResultCode;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException;
import org.springframework.security.oauth2.common.exceptions.*;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 自定义异常信息
 */
@Slf4j
@Component
public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        log.error("Spring Securtiy异常", authException);

        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");

        Exception exception = new Exception(authException.getMessage());
        exception.initCause(authException);
        Throwable cause = exception.getCause();

        if (cause instanceof InvalidClientException) {
            //无效客户端
        } else if (cause instanceof UnauthorizedClientException) {
            //未授权客户端

        } else if (cause instanceof InvalidGrantException) {
            //无效授权类型

        } else if (cause instanceof InvalidScopeException) {
            //无效域

        } else if (cause instanceof InvalidTokenException) {
            //token无效
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.TOKEN_INVALID)));
        } else if (cause instanceof InvalidRequestException) {
            //请求无效
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.REQUEST_INVALID)));
        } else if (cause instanceof RedirectMismatchException) {
            //重定向不匹配

        } else if (cause instanceof UnsupportedGrantTypeException) {
            //不支持授权类型
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.UNSUPPORTED_GRANT_TYPE)));
        } else if (cause instanceof UnsupportedResponseTypeException) {
            //不支持返回类型

        } else if (cause instanceof UserDeniedAuthorizationException){
            //用户拒绝授权
        }else if (cause instanceof InsufficientAuthenticationException){
            //访问此资源需要完全身份验证
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.INSUFFICIENT_AUTHENTICATION)));
        }else if (cause instanceof OAuth2AccessDeniedException){
            //访问被拒绝
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.ACCESS_DENIED)));
        } else if (cause instanceof CustomOauthException){
            //自定义异常
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.NOT_LOGIN.code(), ((CustomOauthException) cause).getOAuth2ErrorCode()+":"+cause.getMessage())));
        }else {
            response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.NOT_LOGIN)));
        }
    }
}
